"These Are Not The Bots You’re Looking For"

By Jesus J. Espinoza

It’s December, time for Christmas holiday and cheer. Everyone on the street is filled with excitement and anticipation for the holiday break. But the Christmas holiday is not the only thing people are excited about this month. Nerds and geeks alike are filled with joy at the release of the new Star Wars movie opening this mid-December.  Keeping in line with this event, our Cybersecurity article this month will focus on Internet “bots” or “botnets”.


Attack Of The Bots

“Bots”, which are short for Botnets or Robot Networks, are computer systems that have come under the control of other systems on the internet, much like the scene in the Star Wars movie. Everyone who has seen the movie remembers that scene where the Jedi Master through the use of mind control forces thoughts into the mind of the storm trooper looking for runaway droids. In the case of a bot, a computer or laptop is compromised with some type of malware which installs a tiny program and forces the computer to begin taking instruction or commands from other systems somewhere on the internet.  The computers sending the commands are known as Command & Control systems which are used by hackers to control other computers and turn them into bots or zombies too. Once the bot installs itself on to a computer, it will immediately begin scanning the network looking for other computers to infect. Bots work much like worms which also spread very rapidly, but unlike a worm, bots can be assigned different tasks to perform none of which are benevolent. They can be used to spread spam, install keyloggers to capture passwords, collect sensitive information and used collectively to conduct denial of service attacks on other computers.  

Turned To The Dark Side

Bots were not always malicious bits of code in the beginning. Initially bots were used by companies like Google who would use them to help index websites on the internet. They are still used today to gather information for marketing purposes when people visit a site like Amazon or Facebook. These bots mostly work on web sites, unlike the malicious type which infect a user computer and take control. Although bots can be used to disable or take down websites and critical systems as part of a malicious attack, today bots are mostly used for profit. Hackers use them to infect systems with adware and get paid for it. This works much the same way as paid commercials work on a television station. The television station gets paid by the advertising company for every commercial they make you watch. Like television, there are internet businesses that hire people to write code into online games, apps and other websites that will have pop up advertisements show up on your screen. Hackers use their army of bots, which can sometimes number in the thousands, to constantly bombard users with adware and spam. The hacker then simply sits back and collects his weekly check from the advertising companies. Hackers also make money by simply selling part or all of their armies of bots to other hackers on the internet. This has become a very lucrative business where hundreds of thousands of bots are bought and sold through obscure internet sites.

It is estimated that four out of five computers have some type of bot infection. According to Time Magazine, 2014 was the year where bots actually outnumbered humans on the planet. They have spread rapidly and continue to spread almost exponentially. Research now shows the bot infection spreading to smartphones and tablets as well. Malicious bots are very hard to detect and normally remain dormant and hidden until the hacker has use for them. Other times they simply work in the background collecting information and sending that information to the hacker. This information can include email account passwords, credit card numbers, bank information and any other information useful to the hacker. The information is then either used by the hacker or sold on the internet to other hackers.

Use The Force

Bots can creep into your computer in many different ways. They can exploit unpatched vulnerabilities in your operating system. They can also be delivered through spam email or sent as an attachment. You can even get them from a friend or co-worker’s computer. Once inside a computer, bots are very hard to detect because of their sophisticated program design. After the bot installs itself, it will immediately start erasing all tracks of its installation and hide itself by masquerading as a legitimate service on the computer. All this makes bots difficult to detect but not impossible. The best way to combat bots or any other malicious malware is to always maintain your operating system up to date. This not only applies to your operating system, but other software installed as well. There are other things that can be done to prevent a computer from becoming a zombie in a bot network. For example, be extra careful with email containing attachments. Never download or open an executable (.exe) file. Ignore all unsolicited web advertisements or pop ups and report them to your security group.

May The Force Be With You

Keeping malware out of our computer systems is a never ending battle. Viruses and malware get more sophisticated each day. The best way to avoid a bot infection or any other malware is to always remain vigilant and practice good cyber security both at home and at work.